Need asistance with ISA rules to allow ASDM Launcher (from authorized workstations) to connect to the PIX Appliance for management purposes. I can connect directly to the PIX device via traditional "telnet" (using PuTTY)functionality but can't seem to figure out why ISA is not allowing the ASDM Interface. All local browser traffic is filtered thru the ISA Proxy beforehand and standard HTTP, HTTPS, SSH, Protocols have already been established in a Policy on the ISA. The ISA Server also has same rulesets established from localhost to the PIX device as well. Just can't seem to get beyond the ISA Server. Thanks in advance.

Answer Wiki

Do you have http/https enabled on the PIX? If so, can you launch ASDM using a https connection to the inside interface of the PIX? If you starts to launch and then stops, you may need to change the version of Java that is on your PC.

On the ASDM:

If you go to Configuration -> Properties -> HTTP/HTTPS, you should be able to change the port number in there.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy

Processing your response...

Discuss This Question: 2 &nbspReplies

There was an error processing your information. Please try again later.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy

Yes, HTTP Server is enabled on the PIX. At this point, I believe the source of the problem may be with the port I'm using to start outbound HTTP sessions in my browser (I.E. 7). I just discovered all outbound browser connections are being established with the Proxy Server (ISA) on Port 8080. If I speciifically add the PIX Inside Interface (IP Address) to the list of "Exceptions" in my browser, thereby avoiding the ISA entirely, the Cisco ASDM Launcher works. This tell me both the PIX and my workstation (i.e. Java components, etc) have been configured properly and no problems exist at the foundation level.
So, in essence, my question really is how I can leverage the ISA Proxy Server to allow/process traffic both to the PIX interface and back to my workstation via Cisco's ASDM Interface using Port 8080? If this can't be done, then I'll continue to exclude the Proxy from these sessions in my browser. Was merely wondering if there was a workaround. Can the PIX "HTTP Server" option be configured to use a different Port once enabled on the interface??? Thx.

Great..Thx..Another issue I discovered is the ISA Server is on a much lower security, and as such, static routes needed to be established to and back from the "inside interface"..Port Number Configuration info was bang on..!!

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy

Processing your reply...

Ask a Question

Free Guide: Managing storage for virtual environments

Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!

To follow this tag...

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy